US Information technology professionals who have volunteered to work with the President's Council on the Year 2000 Conversion plan to deal directly with systems administrators on the night of the rollover to the new year.
The volunteers have created the Y2K Cyber Assurance National Information Center to report to the council's Information Coordination Center (ICC) in Washington, where the federal government will monitor computer operations during the rollover.
The Y2K Cyber Assurance National Information Centre is one of more than 10 centers run by industry officials that will provide information to the council. Its unique responsibility will be assisting in the sharing of information related to security problems that occur on systems connected to the Internet, said Gary Gagnon, director of secure information technologies at Mitre, a nonprofit corporation that provides engineering services to the U.S. government.
"We are going to be sharing information within the private sector and between the private sector and the government center," Gagnon said today at a briefing at the ICC.
The Y2K Cyber Assurance National Information Center will put systems administrators in touch with security vendors and other solution providers, Gagnon said. As events start unfolding, if there are issues, the security vendors will be available to help.
The type of information Gagnon said was likely to be shared includes vulnerabilities, anomalous events and solutions. Gagnon added that the information center would tie into already established reporting requirements, including those set up by security vendors, and does not anticipate any new ones to be added.
"If something new comes out, we anticipate we would disseminate that information via existing dissemination mechanisms such as Software Engineering Institute's Computer Emergency Response Team to get info out to the population in general," Gagnon said.
Mitre is serving as the facilitator of the center. The other volunteers on the team include representatives of Veridian, IOPS.org (the Internet Operators Group), Sematech and the SANS Institute, which represents 62,000 systems administrators and security professionals.
Vendors that are assisting include Microsoft Corp., Internet Security Systems, Axent Technologies Inc., Network Associates Inc., Symantec Corp. and Trend Micro Inc. The center will be able to tap into the resources and expertise of these companies as the date changes time zone to time zone, Gagnon said, adding that the SANS Institute and the Information Technology Association of America will be responsible for keeping in touch with the systems administrators.
At a briefing Ira Richer, executive director of IOPS.org, said his organisation of Internet service providers has lined up about 25 people who will be participating in various activities to monitor the date-change transition period. The IOPS.org representatives will participate in a telephone conference call bridge dubbed "Silent Night" starting around 6 a.m. EST on Dec. 31 to begin more than 24 hours of monitoring, starting with events in New Zealand.
"New Zealand turns over at 6 a.m. Eastern (Standard Time)," Richer said. The participants "are going to call all the time during the transition period. We hope that most of the time we'll just be saying 6 a.m., all's well, 6:30 all's well. That's why we dubbed this operation 'Silent Night.'" [See "Y2K Nightwatch," Dec. 16.]
IOSP.org will also oversee a "shared trouble ticket system" that will use a Web-based tool to share information. The advantage will be that if a problem is discovered, for example, in a system in New Zealand, the information will be disseminated so that anyone in a country where the rollover occurs later -- and who has the same equipment configured the same way -- will have a jump on deploying a fix, said Richer, who also plans to be at the ICC through the night.
John Koskinen, chairman of the President's Council on the Year 2000 Conversion, told the briefing that the information sharing plans that Mitre and IOSP.org released today will not affect information sharing that will take place among federal government agencies and the individual industries that they regulate.
But he said the Y2K Cyber Assurance National Information Center and other centers like it will allow the ICC to get status reports that will make it possible for the ICC to provide "as complete and as authoritative picture as we can of what's happening everywhere around the world and around the country."